Say hello to nDPI 2.0 (with wireshark integration)

Consolidates the API, in particular for guessing new protocols or notifying nDPI that for a given flow there are no more packets to dissect.

Introduces nDPI support into Wireshark by means of a lua script and extcap plugin. Available via an extcap interface, the plugin sends Wireshark the nDPI-detected protocols by adding an ethernet packet trailer that is then interpreted and displayed inside the Wireshark GUI using the companion lua script. If you’re planning to attend the Sharkfest US 2017, we will present the tool in detail.

Introduces support for many new protocols and add enhancements on existing dissectors as described below.

New Supported Protocols and Services

STARTTLS

IMAPS

DNScrypt

QUIC (Quick UDP Internet Connections)

AMQP (Advanced Message Queueing Protocol)

Ookla (SpeedTest)

BJNP

AFP (Apple Filing Protocol)

SMPP (Short Message Peer-to-Peer)

VNC

OpenVPN

OpenDNS

RX protocol (used by AFS)

CoAP and MQTT (IoT specific protocols)

Cloudflare

Office 365

OCS

MS Lync

Ubiquity AirControl 2

HEP (Extensible Encapsulation Protocol)

WhatsApp Voice vs WhatsApp (chat, no voice)

Viber

Wechat

Github

Hotmail

Slack

Instagram

Snapchat

MPEG TS protocol

Twitch

KakaoTalk Voice and Chat

Meu

EAQ

iQIYI media service

Weibo

PPStream

Improvements to Existing Dissectors

SSH client/server version dissection

Improved SSL dissection

SSL server certificate detection

Added double tagging 802.1Q in dissection of vlan-tagged packets

Improved netBIOS dissection

Improved Skype detection

Improved Netflix traffic detection

Improved HTTP subprotocol matching

Implemented DHCP host name extraction

Updated Facebook detection by ip server ranges

Updated Twitter networks

Improved Microsoft detection

Enhanced Google detection

Improved BT-uTP protocol dissection

Added detection of Cisco datalink layer (Cisco hDLC and Cisco SLARP)

For future releases we have plans to make nDPI more flexible and rich in terms of categorization of protocols, as well enrich it with new protocols and extensions.

Shall you be interested to contribute to the library or join the team, please speak up!

Upcoming Events

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies from this website. Privacy PolicyAcceptRead more